Array Networks Array AG Series and... CVE-2023-28461

- AV AC AU C I A
发布: 2023-03-15
修订: 2024-12-02

Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."

0%
暂无可用Exp或PoC
当前有14条受影响产品信息